Tag Archives: Azure

Allgemein, Azure, Cloud, Community, Microsoft, MVP

Awarded as Microsoft MVP for Azure and Microsoft Security 2024-2025

Leave a comment

I am pleased to announce that I have once again been recognized as a Microsoft MVP for Azure and Security in 2024-2025. This year there were some internal changes and the announcement was therefore postponed to July 10. So late Wednesday the mail came and I saw, just before my birthday, that I was again awarded in the following categories:

  • MVP for Microsoft Azure Compute Infrastructure
  • MVP for Cloud Security

What a great surprise

It is still an honor to be part of this family. There are many people who have supported me along the way, without whom this award would not have been possible. A big thank you goes to my wife Jessica, without her support this would not have been possible. There are many people who have become true friends during this time and to whom I am very grateful for their support, like Eric Berg, Thomas Naunheim, Marcel Meurer and Tom Janetscheck and many others. Also a big thank you to my Azure Bonn Orga Team, René de la Motte and Thomas Naunheim without whom the many Meetups and the Cloud Identity Summit would only be half as nice.

But this award is not possible without the community and the recognition from Microsoft, so a big thank you for that.

If you’re interested in what conferences you can find me at in 2024, feel free to check out my upcoming community events page.

Allgemein, Azure, Azure Security, Cloud, Community, Defender for Cloud, Microsoft

Awarded as Defender for Cloud Champion and as Community Advocate 2024

Leave a comment

The Microsoft Security Community programm continues to grow and there are many exiting new features and additional previews coming to live. I´m working on some of the new previews to gain insights and provide feedback and there are really great new offerings coming.

I`m happy to share that I was awarded as Defender for Cloud Champion and as Community Advocate 2024.

Continue reading Awarded as Defender for Cloud Champion and as Community Advocate 2024
Allgemein, Azure, Azure Governance, Cloud, Community, Microsoft

Guest on Geeksprech Podcast about FinOps and/or Azure Cost Management (Governance)

Leave a comment

In 2023 I was at some conferences where I held a session about Azure Cost Management and I´ve discussed this topic also a couple of times with my best buddy Eric Berg.

He invited me to his podcast Geeksprech where we talked and discuss what FinOps is and why in some cases it`s the same as cloud governance and cost management without the melodious and modern name 🙂

Continue reading Guest on Geeksprech Podcast about FinOps and/or Azure Cost Management (Governance)
Allgemein, Azure, Azure File Sync, Azure Governance, Azure Migrate, Cloud, Community, Microsoft, Windows Admin Center, Windows Server, Windows Server 2008 R2, Windows Server 2016, Windows Server 2019, Windows Server 2022

Speaking at Windows Server Engineering Summit 2024

Leave a comment

With the announcement of the next Windows Server release, called Windows Server 2025, Microsoft decided to organize the next Windows Server Engineering Summit. The Windows Server Summit 2024 will take place March 26-28, 2024, 8 AM – 4 PM Pacific Time with many sessions around Windows Server solutions.

I´m happy to be invited to hold two sessions, which I think are really important and value from Management and Migration purposes.

Continue reading Speaking at Windows Server Engineering Summit 2024
Allgemein, Azure, Cloud, Microsoft, Windows Server, WSUS

The new Azure Update Manager is GA – Part 2 – How it works and the valuable new features

Leave a comment

In the first part of this article (Three-big-reasons-to-migrate-to-update-manager-and-forget-the-classic-update-management-center) I dived into the improvements and reasons why Micrsoft introduce Azure Update Manager as a successor of the classic Update Management Center solution based on Azure Automation. In this part, I will explain how it works and what major improvements and new functions the Azure Update Manager offers

Please note: Azure Update Center is based on Azure Automation and needs the Microsoft Monitoring Agent. The MMA has been discontinued and will no longer be supported after August 2024. Support for Update Center has therefore also been discontinued.

2nd note: Microsoft will charged at a daily prorated value of 0.16/server/day which equates to approximately $5 USD/server/month beginning 1 February 2024 for customers using Azure Update Manager on Arc-enabled servers.

Continue reading The new Azure Update Manager is GA – Part 2 – How it works and the valuable new features
Allgemein, Azure Security, Azure VM, Cloud, Defender for Cloud, Microsoft, Windows Server, Zero Trust

Enable granular pricing for Defender for Servers P1 or P2 on specific resources within your subscription via API/Powershell

Leave a comment

Microsoft model for a scalable Cloud Adtoption is based on the Enterprise Scale Architecture and I think this is a scalable and useful modell for every customer that uses Azure ressources. It´s based on the definition to granulary devide the workloads in different subscriptions and gives via Management Groups the possibility to group this differnent subscription into workload groups like Development, Core, etc. I know many customers struggle with this model and mistakenly think that Enterprise Scale is a reference to Enterprise customers, but this is not the case.

Based on the Enterprise Scale Architecture some services and security features can only be activated on subscription level to guarante that each resource inside the subscription is secured. This basis makes it even more important for customers to consider the Enterprise Scale Architecture or to orient themselves towards it.

The Microsoft Defender for Cloud and especially the Defender for Server P1 and P2 plans can only be activated on subscription level in the past. Microsoft has decided to change this and now allow plans to be activated at resource level (per server). It is important to understand that the principled approach activating on Subscription Level and the Enterprise Scale architecture are still valid and needed and this possibility is only a concession to cover certain requirements:

  • manage security configurations at a lower hierarchy level
  • flexibility for excluding specific resources (VMs) inside the subscription
  • enable different plans on subscription because for implementation of Enterprise Scale approach
Continue reading Enable granular pricing for Defender for Servers P1 or P2 on specific resources within your subscription via API/Powershell
Allgemein, Azure, Cloud, Microsoft, Windows Server 2016, Windows Server 2019, Windows Server 2022

How to deactivate Hyper-threading on Azure VMs in an easy way without Microsoft support

Leave a comment

In my current project we have the requirement to deactivate Hyper-threading on some Azure VMs. There are some Azure VMs available without Hyper-threading which can be found on the Azure compute unit site where Microsoft published a table with VM SKUs sizes where the “vCPU: Core” give a hint about VMs which are not having HT integrated. But this sizes are very limited and we have some requirements from licensing side to disable Hyper-threading and there also some applications which have a better performance when HT is disabled.

Continue reading How to deactivate Hyper-threading on Azure VMs in an easy way without Microsoft support
Allgemein, Azure, Azure Arc, Cloud, Microsoft

The new Azure Update Manager is GA Part 1 – three big reasons to migrate to Update Center and forget the classic Update Management Center

Leave a comment

Microsoft released a completely new designed Update solution for Azure which supports VMs running in Hybrid- and Cloud-only environments with the name Azure Update Manager (formerly known as Update Management Center). This new solution is completely new and not based on the Azure Automation solution. The Azure Automation solution is based on the Microsoft Monitoring Agent (MMA – Log Analytics Agent) which will be retired on 31 august 2024.

The new solution cut off a lot of dependencies and fully compatible with Azure Arc. The reason that the solution, which has been in preview for a long time, is now announced as GA is that this solution supports the extended security updates for Windows Server 2012, which recently went out of extended support.

Please note: Azure Update Center is based on Azure Automation and needs the Microsoft Monitoring Agent. The MMA has been discontinued and will no longer be supported after August 2024. Support for Update Center has therefore also been discontinued.

The new Azure Update Manager in preview named as Update Management Center, was needed, because of an consistent Update Management over all VMs including VMs, that are integrated via Azure Arc.

The new solution offers significante improvements:

  • Zero on-boarding with Azure Policy support
  • No dependencies on Log Analytics or Azure Automation
  • Built as native functionallity on Azure Compute and Azure Arc for Servers
  • Support Azure RBAC and roles based of ARM in Azure
  • No manual intervention is needed as long as Azure-VM- or Arc-agent is running
  • Gathered information available for analysis via Azure Resource Graph
  • Support for automatic VM guest patching and hotpatching
  • Manage Extended Security Updates (ESU) for out of supoort WS2012

In this article I will give you a overview about the solution and how you can configure this solution for your VMs. Since I’ve been using it in a large Azure environment since the Public Preview release, I’ll point out some recommendations and pitfalls.

Continue reading The new Azure Update Manager is GA Part 1 – three big reasons to migrate to Update Center and forget the classic Update Management Center
Allgemein, Azure Security, Cloud, Defender for Cloud, Microsoft, Zero Trust

Microsoft Defender for CSPM is GA – Information about activation, billing and new pricing information

Leave a comment

Microsoft announced with Defender for Cloud Security Posture Management a new plan in the Defender for Cloud product family which focuses on a central view on the security posture of the customer.

In this article I will give a overview about which topics Defender for CSPM covers, how it will be enabled and how the pricing is actual working which holds some suprises if Defender for Servers is already in use.

Continue reading Microsoft Defender for CSPM is GA – Information about activation, billing and new pricing information
Allgemein, Cloud, Community, Microsoft, MVP

Microsoft MVP for Azure for 2023-2024 (5th year in a row) and 1st time MVP for Security

Leave a comment

Every year on July 1, the MVP renewal process takes place and Microsoft notifies us on that day if we will be awarded another year as an MVP based on our contributions. So most of the MVPs look into their inboxes and wait for the mail notification. Some colleagues call the day the F5 day, because second by second the inbox is updated 🙂

This year there were some technical difficulties and so late on July 1 there was an announcement that the MVP announcement would be delayed until July 6. Again a murmur went through the internet. 🙂

So the F5 day is postponed to Thursday and all are looking curious on this day. Late on Thurday the Mail comes in, but I´m in a customer meeting and overlook the notifcation. Some minutes later I take a look and I was once again recognized as a Microsoft MVP in the Azure category for 2023-2024. That was my first surprise, but the mail continues and I see another surprise. Microsoft also awarded me in a 2nd category and now I am also MVP for security. 🙂

I’m really grateful and honored to have received this special award for the fifth year in a row and also awarded as MVP for Security.

Continue reading Microsoft MVP for Azure for 2023-2024 (5th year in a row) and 1st time MVP for Security